I have a group of servers authenticating against an LDAP server. I would like to be able to periodically update the /etc/ldap.secret file with an updated secret. I've written a small script that reads a list of hosts in from a file and uses SSH to update all the servers but I keep getting a nagging feeling that there must be a better tool or method.

1 Answer
1

Basically instead of spewing commands at a list of servers in an ssh loop, you describe the state you want a server to be in and the CMU will do what is needed to get it there. You can configure them to poll a master server every X minutes/hours for changes or you can push changes out to a list of servers when you wish. They have stuff built in to them to account for different distros, package managers, etc.

If the CMU is overly complex for your needs, there's some tools that are like ssh loops but with better control/logic: